Topic: zero-day exploit

  • Millions of Cisco Devices Hit by Active 0-Day Attack

    A critical vulnerability (CVE-2025-20352) affects approximately two million Cisco devices, allowing attackers to crash systems or execute malicious code with the highest privileges. The flaw is a stack overflow bug in the SNMP processing component and is being actively exploited, prompting Cisco ...

  • Cisco Warns of Chinese Hackers Using New Zero-Day

    Cisco warns of an active, state-sponsored hacking campaign exploiting a critical zero-day vulnerability in its security appliances, allowing complete device takeover with no patch currently available. The flaw targets specific Cisco AsyncOS products, but exploitation requires a non-default config...

  • Urgent Chrome Update Fixes Actively Exploited 0-Day Bug

    Google has released a critical update for Chrome to patch a zero-day vulnerability (CVE-2025-13223) that is already being actively exploited in attacks. The flaw is a type confusion issue in the V8 JavaScript engine that could allow attackers to execute unauthorized code and potentially take cont...

  • GlobalLogic Hit by Cl0p Ransomware Following Oracle EBS Breach

    GlobalLogic, a Hitachi-owned software firm, notified 10,471 current and former employees that their personal and financial data was stolen due to a breach in its Oracle E-Business Suite platform. The breach exploited a zero-day vulnerability in Oracle's system, leading to data exfiltration on Oct...

  • Samsung Phones Infected by "Landfall" Spyware for Nearly a Year

    The Landfall spyware campaign targeted Samsung Galaxy phones by exploiting a zero-day vulnerability (CVE-2025-21042) to steal personal data without user interaction, using maliciously crafted DNG image files. Samsung released a security patch in April 2025 to fix the vulnerability, and the attack...

  • SonicWall warns admins: Disable SSLVPN now to stop attacks

    SonicWall has issued an urgent alert to disable SSLVPN services due to potential zero-day exploits targeting Gen 7 firewalls, with ransomware attacks bypassing multi-factor authentication. Security researchers suspect an unpatched flaw in SonicWall’s SSL VPN technology, advising immediate mitigat...

  • Nippon Steel IT Unit Targeted in Zero-Day Cyberattack

    A major cyberattack on NS Solutions, Nippon Steel's IT division, exposed sensitive employee and client data via a zero-day exploit in March 2025. The breach potentially leaked personal details like names and contact information, prompting warnings about phishing risks, though no confirmed data le...

  • Envoy Air Hit by Oracle Data Breach, American Airlines Confirms

    The Clop ransomware gang breached Envoy Air's Oracle E-Business Suite, claiming responsibility and accusing the company of neglecting security, though Envoy confirmed no sensitive customer data was accessed. This attack is part of a broader campaign by Clop exploiting zero-day vulnerabilities in ...

  • Clop Hackers Use Oracle Zero-Day to Steal Executive Data

    Oracle has patched a critical zero-day vulnerability (CVE-2025-61882) in its E-Business Suite, which hackers exploited to steal sensitive personal data from corporate executives without needing login credentials. The hacking group Clop has been linked to this mass exploitation campaign, sending e...

  • Unpatched Gogs Bug Actively Exploited, CISA Warns

    A critical vulnerability (CVE-2025-8110) in the Gogs platform is being actively exploited, allowing authenticated users to achieve remote code execution by overwriting files via a symbolic link flaw. Over 700 Gogs instances have already been compromised, with no official patch yet available, thou...

  • Cisco Customers Vulnerable to New Chinese Hacking Campaign

    A Chinese state-sponsored hacking campaign is exploiting a critical zero-day vulnerability (CVE-2025-20393) in Cisco's Secure Email Gateway and Web Manager software, primarily targeting systems in India, Thailand, and the United States. The attack surface is limited to hundreds of systems, as exp...

  • SharePoint ToolShell Attacks Strike Global Orgs on 4 Continents

    The ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint is a critical zero-day flaw that allows unauthenticated remote attackers to execute arbitrary code and access file systems, bypassing previous vulnerabilities. Microsoft attributes the exploitation to Chinese threat actors like ...

  • Google: Clop Hackers Stole Major Data in Oracle Breach

    The Clop ransomware group breached Oracle's E-Business Suite starting around August 9, exploiting a zero-day vulnerability (CVE-2025-61882) to steal corporate data before patches were available. Victims received extortion emails from Clop affiliates demanding payment to prevent public data releas...

  • Google Uncovers Custom Backdoor on SonicWall Devices

    Google researchers identified a cyberattack targeting outdated SonicWall Secure Mobile Access (SMA) appliances, using custom malware called Overstep to evade detection and erase evidence. The compromised devices lack security updates, making them vulnerable, and Google urges affected businesses t...

  • Barts Health NHS Data Breach Linked to Oracle Zero-Day Hack

    A global cyberattack exploiting a critical Oracle software flaw (CVE-2025-61882) led to a data breach at Barts Health NHS Trust, stealing invoice files containing patient and former employee personal information. The Clop ransomware gang published the stolen data on the dark web, and Barts Health...

  • SonicWall Urges Password Reset Following Security Breach

    SonicWall has advised customers to reset passwords after detecting unauthorized access to firewall configuration backup files in some MySonicWall accounts, which contain sensitive data like credentials and tokens. The company confirmed this was not a ransomware attack but a series of targeted bru...

  • Hackers Steal PornHub Premium User Data in Extortion Attack

    A data breach at analytics provider Mixpanel exposed sensitive historical user data from PornHub Premium subscribers, though PornHub confirms its own servers and financial data were not compromised. The ShinyHunters extortion gang is demanding payment to prevent the release of over 200 million re...

  • SonicWall SMA100 Update Eradicates Rootkit Malware

    SonicWall has released a critical firmware update for its SMA 100 series appliances that can eradicate the OVERSTEP rootkit malware, which enables persistent unauthorized access and data theft. The update is urgent due to active attacks by threat actor UNC6148, who uses the rootkit to steal sensi...

  • Logitech Data Breach Confirmed After Clop Ransomware Attack

    Logitech confirmed a data breach by the Clop ransomware group, involving stolen information from Oracle E-Business Suite systems, as disclosed in an SEC filing. The compromised data includes limited employee, consumer, customer, and supplier details, but sensitive information like national IDs an...
